1
0
mirror of synced 2024-12-04 08:35:42 +01:00

Support for checking for updates

This commit is contained in:
Mason Simon 2018-05-29 10:22:10 -07:00
parent 8a7b94ce15
commit faaee67199
3 changed files with 23 additions and 2 deletions

View File

@ -61,3 +61,6 @@ run-demo:
docker build -t ipscrub .
docker build -t ipscrub-demo-client demo/
docker-compose up --abort-on-container-exit
check-up-to-date: script/check-up-to-date.sh
$<

View File

@ -41,7 +41,7 @@ Scenario (2) is defended against because the server operator does not know the s
`ipscrub` can be built statically with nginx or as a [dynamic module](https://www.nginx.com/blog/compiling-dynamic-modules-nginx-plus/). See the `Makefile` for examples of both ways.
### Configuration
#### Configuration
In your `nginx.conf`,
@ -52,10 +52,16 @@ In your `nginx.conf`,
**NOTE**: nginx may still leak IP addresses in the error log. If this is a concern, disable error logging or wipe the log regularly.
### Running Tests
#### Running Tests
`make test`
#### Checking for Updates
`make check-up-to-date`
This will have a non-zero exit code if you aren't up-to-date, so you can automate regular checks.
### Changelog
- 1.0.1 fixed vulnerability to unmasking hashed IPs (thanks to [@marcan](https://github.com/marcan))

12
script/check-up-to-date.sh Executable file
View File

@ -0,0 +1,12 @@
#!/bin/bash
echo "Checking..."
latest=`curl "https://api.github.com/repos/masonicboom/ipscrub/releases/latest" 2>/dev/null | grep --extended-regexp -o "\"tag_name\":\s+\".*\"" | cut -d '"' -f 4`
current=`git tag | sort | tail -n 1`
if [ $current != $latest ]; then
echo "Current version is $current; latest is $latest. Check https://github.com/masonicboom/ipscrub/releases to see if you should update."
exit 1
else
echo "You are on the latest version of ipscrub ($current)."
fi